How to setup separate repositories in Subversion + Apache

By: Ted Heich, on 2.15.2009, filed under Linux and tagged as | | | | .

When you have different teams accessing a common SVN server, you will need a way to separate not only their SVN repositories, but their access mechanisms to that server too. If you define all your SVN repositories under one SVN parent path, everybody will have access to everybody else’s SVN project. This guide will show you how to keep SVN repos separate, with separate access control mechanisms.

This guide is for Debian-based installations

How to prepare SVN repositories

Choose a location on the server where you would like to keep your SVN projects. In this guide, I will use /var/www/svnrepos.

Create the repositories using svnadmin tool, this process has been covered in another post, section name is “How to configure your SVN repository”, you can find it here. Change the ownership of the newly created repository to www-data (the apache user). To create another project, just repeat this procedure. For our example, I will create 2 projects, here are the steps:

$ sudo svnadmin create /var/www/svnrepo/project1
$ sudo svnadmin create /var/www/svnrepo/project2
$ chown -R www-data:www-data /var/www/svnrepo/project1
$ chown -R www-data:www-data /var/www/svnrepo/project2

Now, the 2 projects are created in SVN, we just need to serve them using Apache.

How to setup Apache for multiple SVN repositories

Each publicly accessible url in Apache is defined either using either Location or Directory tag, SVN can be defined with either one, for this guide, I will use the Location tag.

To allow web access to our first project (project1), you will need to edit the file dav_svn.conf found under /etc/apache2/mods-enabled. You will need to define it’s physical location on the server and it’s access control. The dav_svn.conf should look like this:

<Location /project1>
DAV svn
SVNPath /var/www/svnrepo/project1
AuthType Basic
AuthFile /etc/apache2/project1.passwd
Require valid-user
</Location>

SVNPath tells Apache where the physical location of your SVN repo can be found. AuthType Basic means that Apache will utilize form-based authentication before allowing access to this SVN repo. AuthFile specifies the physical location of the password file for this SVN project. Please see my other post which talks about Apache+SVN authentication. You will need to create this password file later.

At this point, only project1 will be accessible via Apache, you will need to create another definition for project2, the resulting dav_svn.conf file should look like this:

<Location /project1>
DAV svn
SVNPath /var/www/svnrepo/project1
AuthType Basic
AuthFile /etc/apache2/project1.passwd
Require valid-user
</Location>
<Location /project2>
DAV svn
SVNPath /var/www/svnrepo/project2
AuthType Basic
AuthFile /etc/apache2/project2.passwd
Require valid-user
</Location>

How to create password files for Basic Authentication

Use the htpasswd utility to create the password files.

$ cd /etc/apache2/
$ sudo htpasswd -c -m project1.passwd user1 #you will be asked for a password
$ sudo htpasswd -c -m project2.passwd user2 #you will be asked for a password

the -c flag in htpasswd means that you are creating the password file for the first time, do not use this flag when you add subsequent users to the password file, lest you will delete all existing users in that password file. The -m means that you would like to hash or encrypt the password part of the file.

To define more users for the password file, just the command

$ cd /etc/apache2
$ sudo htpasswd -m project1.passwd user3

Now you have separate password files for separate SVN repositories.

If you want to show appreciation for my efforts dear reader, you could buy me a tall hazel nut Americano ($2) via PayPal. Thanks
Navigation
(previous post)
(next post)
| | | .

{0 Comments ..

Sorry, the comment form is closed at this time.